The cheat sheet is a condensed format of the main facts that you need to know before taking the exam. We must learn the exam concepts and not just the answers to a bank of questions.
Risk Treatments
- Avoidance – risk deemed too high. Avoid activity.
- Acceptance – risk too low – do not mitigate
- Mitigation – reduce the risk; for example, anti-virus on laptop
- Transference – transfer risk to a third party; for example, outsourcing, car insurance
Risk Assessment
- Stage 1 – identify the asset – determine how it is treated and handled
- Quantitative – measurement of loss expressed in a number format
- Qualitative – grading risk as high, medium, or low
- SLE – single loss of an item
- ARO – number of losses in a year
- ALE – SLE x ARO = annual losses in a year
- Residual risk – remaining risk after mitigation
Personnel Management
- Mandatory vacations – employee takes a holiday; the employer discovers...